<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">  
<html xmlns="http://www.w3.org/1999/xhtml">  
<head>  
<meta http-equiv="content-type" content="text/html; charset=utf-8" />  
</head>  
<body>  
<table width="400" border="1" cellspacing="0" cellpadding="0">
<tr>
<td>
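<?php
// Both values come straight from the query string. $Dir is later joined into
// the upload path and $form is written into inline JavaScript on this page,
// so each is restricted to a fixed character set instead of being trusted.
// The original read $_GET[Dir] with an unquoted key (a bare constant lookup).
$Dir = (isset($_GET['Dir']) && is_string($_GET['Dir'])) ? $_GET['Dir'] : '';
$form = (isset($_GET['form']) && is_string($_GET['form'])) ? $_GET['form'] : '';

// Sub-folder name(s) only: letters, digits, "_" and "-", separated by single
// slashes. This rules out "..", absolute paths, NUL bytes and markup.
// NOTE(review): widen this deliberately if real folder names need more characters.
if ($Dir !== '' && !preg_match('#\A[A-Za-z0-9_-]+(/[A-Za-z0-9_-]+)*\z#', $Dir)) {
    exit('Invalid Dir');
}

// The field name must be a plain identifier.
if ($form !== '' && !preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $form)) {
    exit('Invalid form');
}
?>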
<script language="javascript">
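function insertPic(strValue){
	// Copies strValue into a field of the opener's "frmdanhsach" form.
	// The field name comes from the "form" query parameter. It is emitted as
	// a JSON string literal (with <, >, &, ' and " hex-escaped) and used as a
	// property key, so the request value is treated as a name, never as script.
	var fieldName = <?= ($encodedForm = json_encode((string) $form, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)) !== false ? $encodedForm : '""' ?>;
	var parentWin = window.opener;
	// The page may be opened directly, or the opener may already be closed.
	if (!parentWin || parentWin.closed) {
		return;
	}
	var targetForm = parentWin.document.frmdanhsach;
	if (targetForm && targetForm[fieldName]) {
		targetForm[fieldName].value = strValue;
	}
	//window.opener.document.frmDanhSach.anhmota.src=strValue;
}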
</script>
<?php  
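// Host header as sent by the client; not read again in the visible code.
$site_name = $_SERVER['HTTP_HOST'];

// NOTE(review): $Dir originates from the query string and is concatenated
// into a filesystem path below. It must be constrained to a known sub-folder
// name (no "..", no absolute path) before it reaches this point.
$url_dir = "../hinhanh/".$Dir;
$upload_dir = "../hinhanh/".$Dir."/";
$upload_url = $url_dir."/";

// Handle on the current directory; closed at the end of the page.
$dir = opendir(".");
$message = "";

// Only run the upload handler when a "userfile" part was actually posted.
// isset() avoids an undefined-index notice on a plain GET of this page.
if (isset($_FILES['userfile'])) {
    $message = do_upload($upload_dir, $upload_url);
}

// $message is either plain status text or the HTML fragment built by do_upload().
print $message;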

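/**
 * Validate the file posted as "userfile" and move it into $upload_dir under a
 * server-generated name.
 *
 * @param string $upload_dir Filesystem directory (with trailing slash) to store the file in.
 * @param string $upload_url URL prefix (with trailing slash) under which that directory is served.
 * @return string Status text for the page: an error message, or an HTML fragment
 *                with a link to the stored file and an "Insert" button.
 */
function do_upload($upload_dir, $upload_url) {
    // Allow-list of extensions, derived from the MIME types this uploader accepts.
    // A deny-list of a few script extensions cannot enumerate everything a web
    // server may be configured to execute, so anything not listed is refused.
    $allowed_ext = array("jpg", "jpeg", "gif", "bmp", "ico", "png", "doc", "pdf", "ppt", "xls");

    // MIME types accepted by the original check. The "type" field is whatever
    // the client sent, so it is only a secondary filter and proves nothing
    // about the file's actual content.
    $allowed_mime = array(
        "image/jpg", "image/jpeg", "image/pjpeg", "image/gif", "image/bmp",
        "image/x-icon", "image/x-png", "image/png",
        "application/msword", "application/pdf",
        "application/vnd.ms-powerpoint", "application/vnd.ms-excel",
    );

    $upload = isset($_FILES['userfile']) ? $_FILES['userfile'] : array();
    $file_name = (isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : "";
    $temp_name = (isset($upload['tmp_name']) && is_string($upload['tmp_name'])) ? $upload['tmp_name'] : "";
    $file_type = (isset($upload['type']) && is_string($upload['type'])) ? $upload['type'] : "";
    $file_size = isset($upload['size']) ? (int) $upload['size'] : 0;
    $error = isset($upload['error']) ? $upload['error'] : UPLOAD_ERR_NO_FILE;

    // Check the file name.
    if ($file_name == "") {
        return "Tên file không hợp lệ";
    }

    // Check the upload size; the limit here is 5 MB. PHP reports a file that
    // exceeded its own limits through the error code, with size set to 0.
    if ($error === UPLOAD_ERR_INI_SIZE || $error === UPLOAD_ERR_FORM_SIZE || $file_size > 5000000) {
        return "The file size is over 5mb.";
    }

    // Any other transfer error: the original read this code but never tested it.
    if ($error !== UPLOAD_ERR_OK) {
        return "Có lỗi trong quá trình upload file.";
    }

    // Check the file kind. Only the final extension matters because the stored
    // name is rebuilt below from a timestamp plus that extension.
    $dot = strrchr($file_name, ".");
    $type = ($dot === false) ? "" : strtolower(substr($dot, 1));
    if (!in_array($type, $allowed_ext, true) || !in_array($file_type, $allowed_mime, true)) {
        return "File ban up ko hop le";
    }

    // Store the file under a timestamp-based name instead of the client's name.
    // Two uploads in the same second to the same directory share a name, and
    // the later one replaces the earlier.
    // NOTE(review): the upload directory should also be configured so the web
    // server never executes files in it.
    $today = date("YmdGis");
    $new_file_name = $today.".".$type;
    $path = $upload_dir.$new_file_name;

    if (!move_uploaded_file($temp_name, $path)) {
        return "Có lỗi trong quá trình upload file.";
    }

    // Everything interpolated into the markup is escaped for its context:
    // HTML for the link and text, JSON-then-HTML for the inline handler argument.
    // The original href was '.$path.' with literal dots, which produced a dead link.
    $safe_href = htmlspecialchars($upload_url.$new_file_name, ENT_QUOTES, 'UTF-8');
    $safe_path = htmlspecialchars($path, ENT_QUOTES, 'UTF-8');
    $safe_type = htmlspecialchars($file_type, ENT_QUOTES, 'UTF-8');
    $js_path = htmlspecialchars((string) json_encode($path), ENT_QUOTES, 'UTF-8');

    return "Url file đã upload <a href='$safe_href'>$safe_path</a><br>kieu file: $safe_type <input onClick=\"javascript:insertPic($js_path);window.close();\" type=\"button\" value=\"Insert\" name=\"Close1\">";
}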
?>  
</td>
</tr>
  <tr>
    <!-- NOTE(review): this form posts back to the same page. Nothing visible in
         this file checks that the requester is authenticated or that the POST
         carries an anti-CSRF token; confirm that an including script or the
         server configuration restricts who can reach this uploader. -->
    <td><form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post">  
File upload :<input type="file" id="userfile" name="userfile">  
<input type="submit" name="upload" value="Upload">  
</form>  </td>
  </tr>
</table>

<?php  
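// Display the list of files in the uploads directory (currently disabled).

//while (FALSE !== ($file = readdir($dir))) {
//if (is_dir($file)) {
// read the directory name
//echo "<a href=\"$file\"><span class=\"directory\">$file/</span></a><br>\n";
//} else
// read the file name
//$non_dirs[] = "<a href=\"$file\">$file</a><br>\n";

//}
//foreach ($non_dirs as $value) {
//echo $value;
//}

// opendir() returns false on failure; only close a handle that was opened.
if (is_resource($dir)) {
    closedir($dir);
}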
?>  
</body>  
</html> 